Made description more consice

approach.tex

@@ -5,13 +5,7 @@ In this section we present the solution developed as a part of this thesis, name
 
 ICFS is a filesystem layer that gives user direct command over its access control. Instead of relying on static policies or rules, it prompts the user for the access control decision via graphical interface. 
 
-ICFS is user-friendly and trivially easy to use. It does not introduce any new terminology or complex access control management strategies. The graphical interface is intuitive and self-explanatory. ICFS is configured on the fly: as programs request access, the user's decisions are recorded and later reused. There is no need for any configuration besides installation and choosing a directory to control. It operates on the level of individual processes and files, ensuring high granularity. 
+ICFS is user-friendly and trivially easy to use. It does not introduce any new terminology or complex access control management strategies. The graphical interface is intuitive and self-explanatory. ICFS is configured on the fly: as programs request access, the user's decisions are recorded and later reused. There is no need for any configuration besides installation and choosing a directory to control. It operates on the level of individual processes and files, ensuring high granularity. At the same time, it allows for broader, more general rules, which helps to reduce the choice fatigue of the user.
-
-\iffalse
-
-At the same time, it allows for broader, more general rules, which helps to reduce the choice fatigue of the user.
-
-\fi
 
 It is backwards compatible: ICFS overrides the regular system call interface using FUSE framework, which means that any software that wishes to use the files ICFS protects has to respect it's policies. Its interactivity combined with the ability to only grant permissions for the lifetime of a specific process makes proxy attacks very difficult to go unnoticed.
 
@@ -31,13 +25,7 @@ What is important for this section however, is that from the standpoint of the u
 
 \section{Access Control Model}
 
-As promised, the access control model of ICFS is trivially simple. It features processes as it's subjects, and files as objects. Whenever a process attempts to open, remove or change the access mode of an existing file and no previous decisions were made regarding process's access to the file, window with a dialogue is displayed with three options:
+As promised, the access control model of ICFS is trivially simple. It features processes as it's subjects, and files as objects. Whenever a process attempts to open, remove or change the access mode of an existing file and no previous decisions were made regarding process's access to the file, window with a dialogue is displayed with two buttons: \emph{Allow] and \emph{Deny}.
-
-\begin{itemize}
-	\item \emph{Allow}, that will allow this process and any other process that is started with the same executable to access the file.
-	\item \emph{Allow this time}, that will allow the requesting process to access the file.
-	\item \emph{Deny}, that will deny all access to the file.
-\end{itemize}
 
 \missingfigure[figwidth=9cm ,figcolor=white]{ICFS access dialogue}